Finnish cybersecurity company

Get a clear DNS and email-security review report in about 5 business days.

Tuotos reviews the publicly visible DNS and email-security settings of customer-approved domains. The report shows the key observations, why they matter, and recommended fixes for areas such as SPF, DMARC, DKIM, CAA, and DNSSEC. The review does not require credentials, port scanning, or a heavy rollout.

  • Report in about 5 business days from agreed start
  • Customer only provides approved domains and written authorization
  • No credentials, port scanning, or heavy rollout

Many B2B companies do not need another security platform first. They need a clear answer.

Clear answer to a practical question

If a customer, partner, or your own management asks whether email and domain protection settings are in good shape, you need a clear answer.

Focused starting point

Tuotos gives a limited and practical baseline of public DNS and email-security settings without starting a heavy project.

From observations to action

The report turns visible settings into prioritized findings and recommended fixes.

Not a platform. Not a penetration test.

Tuotos is a clear, human-readable outside-in review for B2B companies that need to understand what is visible, what matters, and what to fix next.

What the pilot checks

The pilot is performed only for customer-approved domains. We review public DNS and email-security records, such as:

  • Authoritative name servers and basic DNS records
  • A, AAAA, MX, TXT, and CAA records
  • SPF records
  • DMARC records and policy
  • DKIM records only if selectors are provided or explicitly approved
  • DNSSEC indicators where publicly visible
  • Old or unclear TXT / verification records
  • Visible email-security gaps and improvement opportunities

What you receive in the pilot

  • Approved scope before work starts
  • DNS/email-security external review
  • PDF report
  • Prioritized observations
  • Practical remediation suggestions
  • 30-minute walkthrough

Example observations

  • DMARC is present but only in monitoring mode
  • SPF includes several senders that should be reviewed
  • CAA record is not configured
  • DNSSEC signal was not observed
  • Old public TXT verification records may still be visible
  • DKIM could not be assessed without customer-provided selectors

What the PDF report includes

  • Executive summary
  • Approved scope
  • DNS and email-security observations
  • Prioritized observation table
  • Evidence and explanation
  • Practical remediation suggestions
  • Next steps
  • Limitations and method

Pilot terms

The first pilot batch is free for a limited number of B2B companies in exchange for structured feedback. The pilot does not commit you to an ongoing service or platform purchase.

FAQ

Is this a penetration test?

No. This pilot is a DNS/email-security external review and not a penetration test, vulnerability scan, or login-based test. It is not a certification, audit, legal opinion, or complete security assurance.

What do you need from the customer?

We need written authorization, approved scope, and the domains to review. Technical work starts only after written authorization and verified scope.

What does the pilot cost?

The pilot is free for selected B2B companies in exchange for structured feedback.

How long does it take?

Target delivery is a PDF report within 5 business days from the agreed start.

Can we use the report for customer/security questionnaire discussions?

Yes. The report can support internal and customer/security-questionnaire discussions, but it is not a certification or complete assurance statement.

What happens after the pilot?

We review findings together and discuss practical next steps. There is no automatic commitment to ongoing service or platform purchase.

What if an observation is uncertain?

Uncertain observations are marked as such with limitations and suggested validation steps in the report.

What is included

  • Written authorization before technical work
  • Verified scope before technical work
  • DNS/email-security external review
  • Customer-safe observation references
  • Clear written report
  • Walkthrough session
  • Practical next steps

What this review is not

  • This pilot is not a penetration test, vulnerability scan, port scan, subdomain brute force search, HTTP probing, or login-based test.
  • Tuotos does not attempt to break in, log in, overload services, exploit vulnerabilities, or access customer systems.
  • Not a certification, legal opinion, or complete security assurance.

A controlled path from request to report

  1. Pilot request
  2. Written authorization
  3. Verified scope
  4. DNS and email-security review
  5. Report + walkthrough

The review follows the approved scope only. No technical work starts without written authorization and verified scope.

Who the pilot is for

The pilot is especially useful for B2B companies that want to review public DNS and email-security settings without starting a heavy project.

Good fit when:

  • A customer or partner asks about security
  • You want to check the current state of DMARC, SPF, DKIM, and DNS settings
  • You need a clear summary for management or IT
  • You want a small first step before a broader security review
  • You do not need a penetration test, but a focused outside review

Typical contacts:

  • IT Manager
  • Security responsible person
  • CIO
  • Infrastructure owner
  • Operations lead

Trust and safety

  • Real customer material is not stored in public repositories or public tools.
  • Raw material is handled outside the public website workflow.
  • No technical work starts without written authorization and verified scope.
  • Calm, scoped, evidence-based approach.

Request a pilot review

Requests are reviewed manually. Before technical work starts, we confirm the approved scope and written authorization. The customer effort is intentionally light.

Request a free pilot